karmada-io
/
karmada
mirror of https://github.com/karmada-io/karmada.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Define top level Permission for ci-image-scanning workflow 

Signed-off-by: aditya7302 <aditya7302@gmail.com>
This commit is contained in:
aditya7302 2024-06-18 10:38:33 +05:30
parent 5e8152ab2e
commit c437a18de3
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
.github/workflows/ci-image-scanning.yaml vendored
View File

@ -5,6 +5,11 @@ on:
# for PRs initiated by Dependabot. # for PRs initiated by Dependabot.
branches-ignore: branches-ignore:
- 'dependabot/**' - 'dependabot/**'
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
jobs: jobs:
use-trivy-to-scan-image: use-trivy-to-scan-image:
name: image-scanning name: image-scanning